RSAC 2024 Day 2: IoT Security Questions (and Answers)
RSA Conference delivers in terms of interesting dialogues with other cybersecurity professionals, and this year while there is not much on the conference agenda related to IoT security there is a lot of discussion about it. Whether it’s the UK’s Product Security law going into effect at the end of ... Read More
RSAC 2024: IoT Security Questions (and Answers)
The 2024 RSA Conference is underway, and Viakoo is out in force. During the conference as we meet with customers, prospects, media, and analysts I will try to cherry pick some of the more interesting questions related to IoT Security. Over the past year the number of IoT security breaches ... Read More
Urgency on Password Management
As a security professional I’d like you to consider the following scenario. You’re constantly adding new laptops to your organization, devices that connect to your corporate networks and will hold and transit incredibly valuable and sensitive data. All of these laptops come into your company with exactly the same password ... Read More
Unsafelok Threat Highlights It’s About Both IoT Devices and Applications
IoT devices and applications exist all over the place, and in high volume. Today’s news brought yet another example of how the scale of IoT systems leads to the conclusion that their security is deeply dependent on automation. Security researchers announced a hotel keycard hacking technique called “Unsafelok” which enables ... Read More
Survey on 2024 IoT Security Crisis
Surveys play an important role in setting strategy and choosing how to address a difficult situation. Organizations today are urgently in need of addressing their IoT security situation; it’s the fastest growing part of the attack surface overall and the one security area most likely to be made worse by ... Read More
The Coming End of Biometrics Hastens AI-Driven Security
Until recently I thought we had a lot of time ahead of us to be secure in using biometrics to authenticate who I am and what I should have access to. But then this morning I came across a story about GoldPickaxe, a app-based exploit aimed at gathering facial and ... Read More
Confessions on MFA and Security Best Practices
The last couple weeks have brought a few discussions on the topic of multifactor authentication or MFA (sometimes also referred to as 2FA or two factor authentication). These discussions have been driven by the SEC’s X (formerly known as Twitter) account being hacked in order to goose the price of ... Read More
The Connection Between Alaska Airlines, Blown Out Windows, and IoT Security
As the shock starts to wear off from hearing that a window blew out on a recent Alaska Airlines flight I came across research from our partner Nozomi Networks that might help to explain what happened (or could happen). As reported in Ars Technica (Hackers can infect network-connected wrenches to ... Read More
10 IoT Security Predictions for 2024
Against a backdrop of uncertain economic conditions and geopolitical unrest, 2023 nears its end. But it isn’t all bad news. In the race against cyber criminal gangs and malicious threat actors in 2023 major catastrophes have not materialized, and the state of cyber defense is stronger than ever. New solutions ... Read More
Extending Cybersecurity Awareness to IoT Devices
We’re at the end of Cybersecurity Awareness Month, which is a good time to reflect on where your organization needs to improve and extend it’s cybersecurity efforts. If you’re like most organizations the answer is IoT devices and applications; it’s the fastest growing attack surface for most organizations and on ... Read More
